But these challenges also offer “an opportunity to redefine how security programs and controls are done,” he said during his presentation titled “Securing Hybrid IT Environments from Endpoints to Clouds.”

Carlson went on to explain how organizations can secure digital transformation efforts with Qualys’ platform, and emphasized the benefits of Cloud Agent sensors. Read on to learn more.

This versatile set of sensors gives security teams valuable options for collecting data from many IT asset types. The Qualys Cloud Agent in particular is a game changer, according to Carlson.

“We developed it to be a new platform paradigm,” he said.

Cloud Agent: An in-depth look

Because Cloud Agents work in concert with the Qualys Cloud Platform, customers can easily add security and compliance capabilities. Delivering multiple functions via a single agent “changes how security leaders are developing and creating security programs across their hybrid IT enterprise,” Carlson said.

The Cloud Agent is lightweight, consuming negligible computing and network resources. After a comprehensive initial data collection of the asset, it only gathers changes. Broad OS support includes Windows, Linux, MacOS, and “cloud native” platforms such as AWS, Azure and Google Cloud. It works on premises, in clouds and remote endpoints.

No need for complex credential and firewall management. It only communicates outbound to the Qualys platform.

It works with multiple Qualys apps, which lets security teams remove point-solution agents from assets and consolidate security tools, reducing costs and complexity.

It extends security to assets that are difficult or impossible to monitor with scanners, including:

Remote systems in branch offices

Roaming user devices

Elastic, ephemeral public cloud instances

Qualys customers have taken notice, having deployed 7.3 million agents between March 2017 and March 2018. One customer put 1 million in cloud assets, and 150,000 in user devices.

Cloud Agents and DevOps

Carlson highlighted the key role the agent plays in securing DevOps pipelines, citing as an example the integration between Qualys and Azure Security Center (ASC). Windows sysadmins, typically unfamiliar with security tools, can add Qualys Vulnerability Management (VM) to an Azure instance with a few clicks.

ASC automatically puts a Cloud Agent into the instance, whose data is collected and sent for analysis to the Qualys platform, which returns it to Azure. This gives Windows sysadmins a comprehensive view of the instance’s vulnerabilities, context around severity and risk, and the ability to drill down into details.

This screenshot shows the integration between Azure Security Center and Qualys VM. Instance vulnerabilities are detected by the Qualys Cloud Agent.

With these insights, sysadmins can programmatically prevent instances with high-severity vulnerabilities from launching into production, for example. “That really is DevSecOps. That’s really ‘shifting left’ into security,” Carlson said.

A single view of the asset

Carlson also explained how, using the Cloud Agent and the Qualys apps that leverage it, organizations can get a multi-dimensional view of a breached asset:

“This gives you that unified view of that asset as you investigate a breach and find out what’s happening in your environment before data loss or compromise,” Carlson said.

Watch the on-demand version of Carlson’s presentation, which goes into a lot more detail on these and other topics, features demos of Cloud Agent and other products, and includes a Q&A with the audience.